3.14.1 Abstract Data Model

When this extension is implemented, the following additional state SHOULD<37> be maintained. This is an extension to IKE Protocol version 2 as specified in [RFC5996].

Security policy database (SPD): The following information MUST be maintained for a security realm IPsec policy:

§ Security Realm ID: A variable length array of bytes stored as an HMAC-MD5 hash of the string that identifies the security realm IPsec policy. For more information, see section 1.3.12.<38>